|
|
<?php
/* * This file is part of the Symfony package. * * (c) Fabien Potencier <fabien@symfony.com> * * This code is partially based on the Rack-Cache library by Ryan Tomayko, * which is released under the MIT license. * (based on commit 02d2b48d75bcb63cf1c0c7149c077ad256542801) * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */
namespace Symfony\Component\HttpKernel\HttpCache;
use Symfony\Component\HttpFoundation\Request;use Symfony\Component\HttpFoundation\Response;use Symfony\Component\HttpKernel\HttpKernelInterface;use Symfony\Component\HttpKernel\TerminableInterface;
/** * Cache provides HTTP caching. * * @author Fabien Potencier <fabien@symfony.com> */class HttpCache implements HttpKernelInterface, TerminableInterface{ private $kernel; private $store; private $request; private $surrogate; private $surrogateCacheStrategy; private $options = []; private $traces = [];
/** * Constructor. * * The available options are: * * * debug If true, exceptions are thrown when things go wrong. Otherwise, the cache * will try to carry on and deliver a meaningful response. * * * trace_level May be one of 'none', 'short' and 'full'. For 'short', a concise trace of the * main request will be added as an HTTP header. 'full' will add traces for all * requests (including ESI subrequests). (default: 'full' if in debug; 'none' otherwise) * * * trace_header Header name to use for traces. (default: X-Symfony-Cache) * * * default_ttl The number of seconds that a cache entry should be considered * fresh when no explicit freshness information is provided in * a response. Explicit Cache-Control or Expires headers * override this value. (default: 0) * * * private_headers Set of request headers that trigger "private" cache-control behavior * on responses that don't explicitly state whether the response is * public or private via a Cache-Control directive. (default: Authorization and Cookie) * * * allow_reload Specifies whether the client can force a cache reload by including a * Cache-Control "no-cache" directive in the request. Set it to ``true`` * for compliance with RFC 2616. (default: false) * * * allow_revalidate Specifies whether the client can force a cache revalidate by including * a Cache-Control "max-age=0" directive in the request. Set it to ``true`` * for compliance with RFC 2616. (default: false) * * * stale_while_revalidate Specifies the default number of seconds (the granularity is the second as the * Response TTL precision is a second) during which the cache can immediately return * a stale response while it revalidates it in the background (default: 2). * This setting is overridden by the stale-while-revalidate HTTP Cache-Control * extension (see RFC 5861). * * * stale_if_error Specifies the default number of seconds (the granularity is the second) during which * the cache can serve a stale response when an error is encountered (default: 60). * This setting is overridden by the stale-if-error HTTP Cache-Control extension * (see RFC 5861). */ public function __construct(HttpKernelInterface $kernel, StoreInterface $store, SurrogateInterface $surrogate = null, array $options = []) { $this->store = $store; $this->kernel = $kernel; $this->surrogate = $surrogate;
// needed in case there is a fatal error because the backend is too slow to respond
register_shutdown_function([$this->store, 'cleanup']);
$this->options = array_merge([ 'debug' => false, 'default_ttl' => 0, 'private_headers' => ['Authorization', 'Cookie'], 'allow_reload' => false, 'allow_revalidate' => false, 'stale_while_revalidate' => 2, 'stale_if_error' => 60, 'trace_level' => 'none', 'trace_header' => 'X-Symfony-Cache', ], $options);
if (!isset($options['trace_level'])) { $this->options['trace_level'] = $this->options['debug'] ? 'full' : 'none'; } }
/** * Gets the current store. * * @return StoreInterface A StoreInterface instance */ public function getStore() { return $this->store; }
/** * Returns an array of events that took place during processing of the last request. * * @return array An array of events */ public function getTraces() { return $this->traces; }
private function addTraces(Response $response) { $traceString = null;
if ('full' === $this->options['trace_level']) { $traceString = $this->getLog(); }
if ('short' === $this->options['trace_level'] && $masterId = array_key_first($this->traces)) { $traceString = implode('/', $this->traces[$masterId]); }
if (null !== $traceString) { $response->headers->add([$this->options['trace_header'] => $traceString]); } }
/** * Returns a log message for the events of the last request processing. * * @return string A log message */ public function getLog() { $log = []; foreach ($this->traces as $request => $traces) { $log[] = sprintf('%s: %s', $request, implode(', ', $traces)); }
return implode('; ', $log); }
/** * Gets the Request instance associated with the main request. * * @return Request A Request instance */ public function getRequest() { return $this->request; }
/** * Gets the Kernel instance. * * @return HttpKernelInterface An HttpKernelInterface instance */ public function getKernel() { return $this->kernel; }
/** * Gets the Surrogate instance. * * @return SurrogateInterface A Surrogate instance * * @throws \LogicException */ public function getSurrogate() { return $this->surrogate; }
/** * {@inheritdoc} */ public function handle(Request $request, int $type = HttpKernelInterface::MAIN_REQUEST, bool $catch = true) { // FIXME: catch exceptions and implement a 500 error page here? -> in Varnish, there is a built-in error page mechanism
if (HttpKernelInterface::MAIN_REQUEST === $type) { $this->traces = []; // Keep a clone of the original request for surrogates so they can access it.
// We must clone here to get a separate instance because the application will modify the request during
// the application flow (we know it always does because we do ourselves by setting REMOTE_ADDR to 127.0.0.1
// and adding the X-Forwarded-For header, see HttpCache::forward()).
$this->request = clone $request; if (null !== $this->surrogate) { $this->surrogateCacheStrategy = $this->surrogate->createCacheStrategy(); } }
$this->traces[$this->getTraceKey($request)] = [];
if (!$request->isMethodSafe()) { $response = $this->invalidate($request, $catch); } elseif ($request->headers->has('expect') || !$request->isMethodCacheable()) { $response = $this->pass($request, $catch); } elseif ($this->options['allow_reload'] && $request->isNoCache()) { /* If allow_reload is configured and the client requests "Cache-Control: no-cache", reload the cache by fetching a fresh response and caching it (if possible). */ $this->record($request, 'reload'); $response = $this->fetch($request, $catch); } else { $response = $this->lookup($request, $catch); }
$this->restoreResponseBody($request, $response);
if (HttpKernelInterface::MAIN_REQUEST === $type) { $this->addTraces($response); }
if (null !== $this->surrogate) { if (HttpKernelInterface::MAIN_REQUEST === $type) { $this->surrogateCacheStrategy->update($response); } else { $this->surrogateCacheStrategy->add($response); } }
$response->prepare($request);
$response->isNotModified($request);
return $response; }
/** * {@inheritdoc} */ public function terminate(Request $request, Response $response) { if ($this->getKernel() instanceof TerminableInterface) { $this->getKernel()->terminate($request, $response); } }
/** * Forwards the Request to the backend without storing the Response in the cache. * * @param bool $catch Whether to process exceptions * * @return Response A Response instance */ protected function pass(Request $request, bool $catch = false) { $this->record($request, 'pass');
return $this->forward($request, $catch); }
/** * Invalidates non-safe methods (like POST, PUT, and DELETE). * * @param bool $catch Whether to process exceptions * * @return Response A Response instance * * @throws \Exception * * @see RFC2616 13.10 */ protected function invalidate(Request $request, bool $catch = false) { $response = $this->pass($request, $catch);
// invalidate only when the response is successful
if ($response->isSuccessful() || $response->isRedirect()) { try { $this->store->invalidate($request);
// As per the RFC, invalidate Location and Content-Location URLs if present
foreach (['Location', 'Content-Location'] as $header) { if ($uri = $response->headers->get($header)) { $subRequest = Request::create($uri, 'get', [], [], [], $request->server->all());
$this->store->invalidate($subRequest); } }
$this->record($request, 'invalidate'); } catch (\Exception $e) { $this->record($request, 'invalidate-failed');
if ($this->options['debug']) { throw $e; } } }
return $response; }
/** * Lookups a Response from the cache for the given Request. * * When a matching cache entry is found and is fresh, it uses it as the * response without forwarding any request to the backend. When a matching * cache entry is found but is stale, it attempts to "validate" the entry with * the backend using conditional GET. When no matching cache entry is found, * it triggers "miss" processing. * * @param bool $catch Whether to process exceptions * * @return Response A Response instance * * @throws \Exception */ protected function lookup(Request $request, bool $catch = false) { try { $entry = $this->store->lookup($request); } catch (\Exception $e) { $this->record($request, 'lookup-failed');
if ($this->options['debug']) { throw $e; }
return $this->pass($request, $catch); }
if (null === $entry) { $this->record($request, 'miss');
return $this->fetch($request, $catch); }
if (!$this->isFreshEnough($request, $entry)) { $this->record($request, 'stale');
return $this->validate($request, $entry, $catch); }
if ($entry->headers->hasCacheControlDirective('no-cache')) { return $this->validate($request, $entry, $catch); }
$this->record($request, 'fresh');
$entry->headers->set('Age', $entry->getAge());
return $entry; }
/** * Validates that a cache entry is fresh. * * The original request is used as a template for a conditional * GET request with the backend. * * @param bool $catch Whether to process exceptions * * @return Response A Response instance */ protected function validate(Request $request, Response $entry, bool $catch = false) { $subRequest = clone $request;
// send no head requests because we want content
if ('HEAD' === $request->getMethod()) { $subRequest->setMethod('GET'); }
// add our cached last-modified validator
if ($entry->headers->has('Last-Modified')) { $subRequest->headers->set('if_modified_since', $entry->headers->get('Last-Modified')); }
// Add our cached etag validator to the environment.
// We keep the etags from the client to handle the case when the client
// has a different private valid entry which is not cached here.
$cachedEtags = $entry->getEtag() ? [$entry->getEtag()] : []; $requestEtags = $request->getETags(); if ($etags = array_unique(array_merge($cachedEtags, $requestEtags))) { $subRequest->headers->set('if_none_match', implode(', ', $etags)); }
$response = $this->forward($subRequest, $catch, $entry);
if (304 == $response->getStatusCode()) { $this->record($request, 'valid');
// return the response and not the cache entry if the response is valid but not cached
$etag = $response->getEtag(); if ($etag && \in_array($etag, $requestEtags) && !\in_array($etag, $cachedEtags)) { return $response; }
$entry = clone $entry; $entry->headers->remove('Date');
foreach (['Date', 'Expires', 'Cache-Control', 'ETag', 'Last-Modified'] as $name) { if ($response->headers->has($name)) { $entry->headers->set($name, $response->headers->get($name)); } }
$response = $entry; } else { $this->record($request, 'invalid'); }
if ($response->isCacheable()) { $this->store($request, $response); }
return $response; }
/** * Unconditionally fetches a fresh response from the backend and * stores it in the cache if is cacheable. * * @param bool $catch Whether to process exceptions * * @return Response A Response instance */ protected function fetch(Request $request, bool $catch = false) { $subRequest = clone $request;
// send no head requests because we want content
if ('HEAD' === $request->getMethod()) { $subRequest->setMethod('GET'); }
// avoid that the backend sends no content
$subRequest->headers->remove('if_modified_since'); $subRequest->headers->remove('if_none_match');
$response = $this->forward($subRequest, $catch);
if ($response->isCacheable()) { $this->store($request, $response); }
return $response; }
/** * Forwards the Request to the backend and returns the Response. * * All backend requests (cache passes, fetches, cache validations) * run through this method. * * @param bool $catch Whether to catch exceptions or not * @param Response|null $entry A Response instance (the stale entry if present, null otherwise) * * @return Response A Response instance */ protected function forward(Request $request, bool $catch = false, Response $entry = null) { if ($this->surrogate) { $this->surrogate->addSurrogateCapability($request); }
// always a "master" request (as the real master request can be in cache)
$response = SubRequestHandler::handle($this->kernel, $request, HttpKernelInterface::MAIN_REQUEST, $catch);
/* * Support stale-if-error given on Responses or as a config option. * RFC 7234 summarizes in Section 4.2.4 (but also mentions with the individual * Cache-Control directives) that * * A cache MUST NOT generate a stale response if it is prohibited by an * explicit in-protocol directive (e.g., by a "no-store" or "no-cache" * cache directive, a "must-revalidate" cache-response-directive, or an * applicable "s-maxage" or "proxy-revalidate" cache-response-directive; * see Section 5.2.2). * * https://tools.ietf.org/html/rfc7234#section-4.2.4
* * We deviate from this in one detail, namely that we *do* serve entries in the * stale-if-error case even if they have a `s-maxage` Cache-Control directive. */ if (null !== $entry && \in_array($response->getStatusCode(), [500, 502, 503, 504]) && !$entry->headers->hasCacheControlDirective('no-cache') && !$entry->mustRevalidate() ) { if (null === $age = $entry->headers->getCacheControlDirective('stale-if-error')) { $age = $this->options['stale_if_error']; }
/* * stale-if-error gives the (extra) time that the Response may be used *after* it has become stale. * So we compare the time the $entry has been sitting in the cache already with the * time it was fresh plus the allowed grace period. */ if ($entry->getAge() <= $entry->getMaxAge() + $age) { $this->record($request, 'stale-if-error');
return $entry; } }
/* RFC 7231 Sect. 7.1.1.2 says that a server that does not have a reasonably accurate clock MUST NOT send a "Date" header, although it MUST send one in most other cases except for 1xx or 5xx responses where it MAY do so.
Anyway, a client that received a message without a "Date" header MUST add it. */ if (!$response->headers->has('Date')) { $response->setDate(\DateTime::createFromFormat('U', time())); }
$this->processResponseBody($request, $response);
if ($this->isPrivateRequest($request) && !$response->headers->hasCacheControlDirective('public')) { $response->setPrivate(); } elseif ($this->options['default_ttl'] > 0 && null === $response->getTtl() && !$response->headers->getCacheControlDirective('must-revalidate')) { $response->setTtl($this->options['default_ttl']); }
return $response; }
/** * Checks whether the cache entry is "fresh enough" to satisfy the Request. * * @return bool true if the cache entry if fresh enough, false otherwise */ protected function isFreshEnough(Request $request, Response $entry) { if (!$entry->isFresh()) { return $this->lock($request, $entry); }
if ($this->options['allow_revalidate'] && null !== $maxAge = $request->headers->getCacheControlDirective('max-age')) { return $maxAge > 0 && $maxAge >= $entry->getAge(); }
return true; }
/** * Locks a Request during the call to the backend. * * @return bool true if the cache entry can be returned even if it is staled, false otherwise */ protected function lock(Request $request, Response $entry) { // try to acquire a lock to call the backend
$lock = $this->store->lock($request);
if (true === $lock) { // we have the lock, call the backend
return false; }
// there is already another process calling the backend
// May we serve a stale response?
if ($this->mayServeStaleWhileRevalidate($entry)) { $this->record($request, 'stale-while-revalidate');
return true; }
// wait for the lock to be released
if ($this->waitForLock($request)) { // replace the current entry with the fresh one
$new = $this->lookup($request); $entry->headers = $new->headers; $entry->setContent($new->getContent()); $entry->setStatusCode($new->getStatusCode()); $entry->setProtocolVersion($new->getProtocolVersion()); foreach ($new->headers->getCookies() as $cookie) { $entry->headers->setCookie($cookie); } } else { // backend is slow as hell, send a 503 response (to avoid the dog pile effect)
$entry->setStatusCode(503); $entry->setContent('503 Service Unavailable'); $entry->headers->set('Retry-After', 10); }
return true; }
/** * Writes the Response to the cache. * * @throws \Exception */ protected function store(Request $request, Response $response) { try { $this->store->write($request, $response);
$this->record($request, 'store');
$response->headers->set('Age', $response->getAge()); } catch (\Exception $e) { $this->record($request, 'store-failed');
if ($this->options['debug']) { throw $e; } }
// now that the response is cached, release the lock
$this->store->unlock($request); }
/** * Restores the Response body. */ private function restoreResponseBody(Request $request, Response $response) { if ($response->headers->has('X-Body-Eval')) { ob_start();
if ($response->headers->has('X-Body-File')) { include $response->headers->get('X-Body-File'); } else { eval('; ?>'.$response->getContent().'<?php ;'); }
$response->setContent(ob_get_clean()); $response->headers->remove('X-Body-Eval'); if (!$response->headers->has('Transfer-Encoding')) { $response->headers->set('Content-Length', \strlen($response->getContent())); } } elseif ($response->headers->has('X-Body-File')) { // Response does not include possibly dynamic content (ESI, SSI), so we need
// not handle the content for HEAD requests
if (!$request->isMethod('HEAD')) { $response->setContent(file_get_contents($response->headers->get('X-Body-File'))); } } else { return; }
$response->headers->remove('X-Body-File'); }
protected function processResponseBody(Request $request, Response $response) { if (null !== $this->surrogate && $this->surrogate->needsParsing($response)) { $this->surrogate->process($request, $response); } }
/** * Checks if the Request includes authorization or other sensitive information * that should cause the Response to be considered private by default. */ private function isPrivateRequest(Request $request): bool { foreach ($this->options['private_headers'] as $key) { $key = strtolower(str_replace('HTTP_', '', $key));
if ('cookie' === $key) { if (\count($request->cookies->all())) { return true; } } elseif ($request->headers->has($key)) { return true; } }
return false; }
/** * Records that an event took place. */ private function record(Request $request, string $event) { $this->traces[$this->getTraceKey($request)][] = $event; }
/** * Calculates the key we use in the "trace" array for a given request. */ private function getTraceKey(Request $request): string { $path = $request->getPathInfo(); if ($qs = $request->getQueryString()) { $path .= '?'.$qs; }
return $request->getMethod().' '.$path; }
/** * Checks whether the given (cached) response may be served as "stale" when a revalidation * is currently in progress. */ private function mayServeStaleWhileRevalidate(Response $entry): bool { $timeout = $entry->headers->getCacheControlDirective('stale-while-revalidate');
if (null === $timeout) { $timeout = $this->options['stale_while_revalidate']; }
return abs($entry->getTtl()) < $timeout; }
/** * Waits for the store to release a locked entry. */ private function waitForLock(Request $request): bool { $wait = 0; while ($this->store->isLocked($request) && $wait < 100) { usleep(50000); ++$wait; }
return $wait < 100; }}
|
